HIPAA/BA SERVICES Archives

  • Even though businesses of all sizes are targeted by hackers, small businesses and practices make up approximately 70% of data breaches due to cyberattacks. Patient information is very valuable and small businesses often have less protection than large businesses do in cybersecurity. Strengthen the human element Training employees is one of the best defenses againstRead more…

  • October is the national cybersecurity awareness month, and we take cybersecurity seriously at TMC. This year’s theme “will focus on key areas including citizen privacy, consumer devices, and e-commerce security.” But rather than talk about cybersecurity, get into the spirit with a quick word search! Feel free to print this out and share it withRead more…

  • The Department of Health and Human Services Office for Civil Rights (OCR), has reported a staggering increase since this time last year of all forms of breaches of patient PHI. Note: These figures do not include any 2019 breaches that involved fewer than 500 individuals. A covered entity must notify the Secretary of a PHIRead more…

  • On May 24, the HHS Office for Civil Rights (OCR) released a new fact sheet for Business Associates explaining their liability for HIPAA compliance. OCR is the government enforcement agency for HIPAA compliance. They have the authority to take enforcement action against business associates for failing to comply with requirements and prohibitions. Since the implementationRead more…

  • The days of having your computer work done by your friend’s nephew or the neighborhood fix-it guy are over. Your IT professional needs to be well versed in HIPAA. They also need to be motivated to keep up with the changing threat environment. It can literally save you millions of dollars and sleepless nights. NowRead more…

  • Everything you wanted to know about the OCR Cloud Computing Guidance but were afraid to ask What exactly is the cloud? The cloud is a network of servers used to share resources, software, and information via a network. Each server has a different function. Some servers run applications and some deliver a service. The informationRead more…

  • In May, Great Britain’s National Health Service (NHS) was hit by a large-scale cyber-attack. Some hospitals and practices across England and Scotland were unable to access patient data, after their computers were locked by a ransomware attack demanding payment in virtual currency, Bitcoin. However, there was no evidence that patient data had been compromised. TheRead more…

  • When you have a breach of Protected Health Information (PHI) the practice will have to notify the affected patients, Health and Human Services (HHS) and potentially other parties. The timing is critical. This month we will review notification requirements. Patient Notification You must provide notice to each affected patient in written form by first-class mail,Read more…